Hey... I was pleasantly surprised to learn that Apple and subsequently OpenJDK provides support for using the Apple KeyChain as a keystore. As I common use case, I tried to use it to store passwords for third party services (Twitter, git, whatever), but couldn't get it to work.
Apparently the implementation lacks support for SecretKeyEntry, as pointed out in http://stackoverflow.com/questions/727812/storing-username-password-on-mac-using-java#727840 Would it be possible to implement this? Thanks, -hendrik PS: As illustration, I would expect the following code to work (it works with JCEKS as KeyStore and appropriate input/output streams in load/store calls): final char[] keyStorePassword = "KeyStorePassword".toCharArray(); final char[] servicePassword = "ServicePassword".toCharArray(); final String alias = "MyService"; // store password for some service final KeyStore keystore = KeyStore.getInstance("KeychainStore", "Apple"); keystore.load(null, keyStorePassword); final KeyStore.PasswordProtection keyStorePP = new KeyStore.PasswordProtection(keyStorePassword); final SecretKeyFactory factory = SecretKeyFactory.getInstance("PBE"); final SecretKey generatedSecret = factory.generateSecret(new PBEKeySpec(servicePassword)); keystore.setEntry(alias, new KeyStore.SecretKeyEntry(generatedSecret), keyStorePP); keystore.store(null, keyStorePassword); // retrieve password for some service final KeyStore keystore2 = KeyStore.getInstance("KeychainStore", "Apple"); keystore2.load(null, keyStorePassword); final KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry)keystore2.getEntry(alias, keyStorePP); final PBEKeySpec keySpec = (PBEKeySpec)factory.getKeySpec(secretKeyEntry.getSecretKey(), PBEKeySpec.class); char[] password = keySpec.getPassword(); System.out.println(new String(password));
